> OK. And if you want the first one, you can wrap it in a view currently, but > if it were changed I don't know what you would do if you want the 2nd one > (other than having every user create their own set of foreign tables). So I > guess the current situation is more flexible.
Sounds like it would be a useful option on a Foreign Server to allow it to run queries as either the invoker or the owner. We have that choice for functions, so we already have the concept and syntax available. We could have another default at FDW level that specifies what the default is for that type of FDW, and if that is not specified, we keep it like it currently is.
To go further off topic, I'd like to have the invoker vs definer security options available even for plain old views as well. Sometimes I want create a view so that I can let people see, in a controlled manner, things they couldn't otherwise see. But more often I just want to provide a convenience wrapper around ugly SQL without accidentally granting people additional privileges.
